NAME¶

cl_get_lock - Create Cancel-Lock with libcanlock

SYNOPSIS¶

#include <libcanlock-3/canlock.h>

char *cl_get_lock(cl_hash_version hash,
                  const unsigned char *sec, size_t sec_len,
                  const unsigned char *msg, size_t msg_len);

Supported values for hash (by version 3.0.0 of libcanlock):
CL_SHA1 CL_SHA224 CL_SHA256 CL_SHA384 CL_SHA512

DESCRIPTION¶

The cl_get_lock() function creates a <c-lock> element according to the algorithm recommended by RFC 8315 in Section 4. The hash algorithm selected for <scheme> is used for the HMAC operation too.

The hash algorithm for <scheme> is selected with hash.

The local secret is specified with sec (sec_len must be set to the length of sec).
The length of the local secret should be at least the length of the hash that was selected for <scheme> (32 octets for SHA256).

The Message-ID of the target article (the one for which the lock is intended) is specified with msg (msg_len must be set to the length of msg).

The Message-ID msg can be prepended with an optional User-ID. The length of the User-ID must be added to msg_len. The User-ID must not contain angle brackets.

RETURN VALUE¶

Upon successful completion a pointer to the result string is returned. Otherwise, NULL is returned.

On success the caller is responsible to call free() for the pointer returned as result.

AUTHORS¶

Dennis Preiser
(Based in part on the implementation from G. J. Andruk for Version 2)

The base64 implementation is written by Kungliga Tekniska Hogskolan (Royal Institute of Technology, Stockholm, Sweden)

The hash algorithms are implemented with code from RFC 6234

REPORTING BUGS¶

Report bugs to <mailto:michael.baeuerle@gmx.net>.

STANDARDS¶

libcanlock tries to comply with the following standards:

RFC 5537, RFC 6234, RFC 8315

SEE ALSO¶

free(3), cl_clear_secret(3), cl_get_key(3), cl_split(3), cl_verify(3), cl_verify_multi(3), canlock(1)